One of the most important issues impeding the widespread distribution of digital documents or works via electronic commerce is the current lack of protection of the intellectual property rights of content owners during the distribution and use of those digital documents or works. Efforts to resolve this problem have been termed “Intellectual Property Rights Management” (“IPRM”), “Digital Property Rights Management” (“DPRM”), “Intellectual Property Management” (“IPM”), “Rights Management” (“RM”), “Digital Rights Management” (“DRM”) and “Electronic Copyright Management” (“ECM”). At the core of Digital Rights Management is the underlying issue of ensuring that only authorized users may perform operations on digital documents or works that they have acquired. Once accessed, the content must not be distributed or used in violation of the content owner's specification of rights.
A document or work, as the term is used herein, is any unit of information subject to distribution or transfer, including but not limited to correspondence, books, magazines, journals, newspapers, other papers, software, photographs and other images, audio and video clips, and other multimedia presentations. A document may be embodied in printed form on paper, as digital data on a storage medium, or in any other known manner on a variety of media. A digital work, as the term is used herein, is any document, text, audio, multimedia or other type of work or portion thereof maintained in a digital form that can be replayed or rendered using a device or a software program.
In the world of printed documents, a work created by an author is usually provided to a publisher, which formats and prints numerous copies of the work. The copies are then sent by a distributor to bookstores or other retail outlets, from which the copies are purchased by end users.
While the low quality of copying and the high cost of distributing printed material have served as deterrents to the illegally copying of most printed documents, it is far too easy to copy, modify, and redistribute unprotected electronic documents. Accordingly, some method of protecting electronic documents is necessary to make it harder to illegally copy them. This will serve as a deterrent to copying, even if it is still possible, for example, to make hardcopies of printed documents and duplicate them the old-fashioned way.
With printed documents, there is an additional step of digitizing the document before it can be redistributed electronically; this serves as a deterrent. Unfortunately, it has been widely recognized that there is no viable way to prevent people from making unauthorized distributions of electronic documents within current general-purpose computing and communications systems such as personal computers, workstations, and other devices connected over local area networks (LANs), intranets, and the Internet. Many attempts to provide hardware-based solutions to prevent unauthorized copying have proven to be unsuccessful.
Two basic schemes have been employed to attempt to solve the document protection problem: secure containers (systems which rely on cryptographic mechanisms) and trusted systems.
Cryptographic mechanisms encrypt (or “encipher”) documents that are then distributed and stored publicly, and ultimately privately decrypted by authorized users. Cryptographic mechanisms provide a basic form of protection during document delivery from a document distributor to an intended user over a public network, as well as during document storage on an insecure medium. Many digital rights management solutions rely on encrypting the digital work and distributing both the encrypted message and decryption key to the consumer's system. While different schemes are employed to hide the decryption key from the consumer, the fact remains that all necessary information is available for a malicious user to defeat the protection of the digital work. Considering that current general-purpose computers and consumer operating systems provide little in the way of sophisticated security mechanisms, the threat is both real and obvious.
A “secure container” (or simply an encrypted document) offers a way to keep document contents encrypted until a set of authorization conditions are met and some copyright terms are honored (e.g., payment for use). After the various conditions and terms are verified with the document provider, the document is released to the user in clear form. Commercial products such as IBM's Cryptolopes and InterTrust's Digiboxes fall into this category. Clearly, the secure container approach provides a solution to protecting the document during delivery over insecure channels, but does not provide any mechanism to prevent legitimate users from obtaining the clear document and then using and redistributing it in violation of content owners' intellectual property.
Cryptographic mechanisms and secure containers focus on protecting the digital work as it is being transferred to the authorized user/purchaser. However, a digital work must be protected throughout its use from malicious users and malicious software programs. Even if a user is a trusted individual, the user's system may be susceptible to attack. A significant problem facing electronic commerce for digital works is ensuring that the work is protected on the target consumer's device. If the protection for the digital work is compromised, valuable and sensitive information is lost. To complicate matters, today's general-purpose computers and consumer operating systems are deficient in the areas of security and integrity. Protecting the work throughout usage is a much more complex issue that remains largely unsolved.
In the “trusted system” approach, the entire system is responsible for preventing unauthorized use and distribution of the document. Building a trusted system usually entails introducing new hardware such as a secure processor, secure storage and secure rendering devices. This also requires that all software applications that run on trusted systems be certified to be trusted. While building tamper-proof trusted systems is still a real challenge to existing technologies, current market trends suggest that open and untrusted systems such as PC's and workstations will be the dominant systems used to access copyrighted documents. In this sense, existing computing environments such as PC's and workstations equipped with popular operating systems (e.g., Windows and UNIX) and render applications (e.g., Microsoft Word) are not trusted systems and cannot be made trusted without significantly altering their architectures.
Accordingly, although certain trusted components can be deployed, users must continue to rely upon various unknown and untrusted elements and systems. On such systems, even if they are expected to be secure, unanticipated bugs and weaknesses are frequently found and exploited.
Conventional symmetric and asymmetric encryption methods treat messages to be encrypted as basically binary strings. Applying conventional encryption methods to documents has some drawbacks. Documents are typically relatively long messages; encrypting long messages can have a significant impact on the performance of any application that needs to decrypt the document prior to use. More, importantly, documents are formatted messages that rely on appropriate rendering applications to display, play, print and even edit them. Since encrypting a document generally destroys formatting information, most rendering applications require the document be decrypted into clear form before rendering it. Decryption prior to rendering opens the possibility of disclosing the document in the clear after the decryption step to anyone who wants to intercept it.
There are a number of issues in rights management: authentication, authorization, accounting, payment and financial clearing, rights specification, rights verification, rights enforcement, and document protection. Document protection is a particularly important issue. After a user has honored the rights of the content owner and has been permitted to perform a particular operation with a document (e.g., print it, view it on-screen, play the music, or execute the software), the document is presumably in-the-clear, or unencrypted. Simply stated, the document protection problem is to prevent the content owner's rights from being compromised when the document is in its most vulnerable state: stored, in the clear, on a machine within the user's control.
Even when a document is securely delivered (typically in encrypted form) from a distributor to the user, it must be rendered to a presentation data form before the user can view or otherwise manipulate the document. Accordingly, to achieve the highest level of protection, it is important to protect the document contents as much as possible, while revealing them to the user at a late stage and in a form that is difficult to recover into a useful form.
In the known approaches to electronic document distribution that employ encryption, an encrypted document is rendered in several separate steps. First, the encrypted document is received by the user. Second, the user employs his private key (in a public key cryptosystem) to decrypt the data and derive the document's clear content. Finally, the clear content is then passed on to a rendering application, which translates the computer-readable document into the finished document, either for viewing on the user's computer screen or for printing a hardcopy. The clear content is required for rendering because, in most cases, the rendering application is a third-party product (such as Microsoft Word or Adobe Acrobat Reader) that requires the input document to be in a specific format. It should be appreciated, then, that between the second and third steps, the previously protected document is vulnerable. It has been decrypted, but is still stored in clear electronic form on the user's computer. If the user is careless or is otherwise motivated to minimize fees, the document may be easily redistributed without acquiring the necessary permissions from the content owner.
While no system is completely spoof proof or immune to attack, some recent techniques protect digital works by limiting use of the digital work to a user-specified physical device. These techniques require the user to provide private information or system state information from the system or physical device the user intends to use to render the digital work. System state information is typically defined as system configuration information such as system parameters, CPU identifier, device identifiers, NIC identifiers, drive configuration, etc. In these techniques, the digital content is encrypted using a session key, then the session key, rather than using the user's encryption key, is encrypted using a combination of the system or state information and the user's credentials. Then both the encrypted content and key are transmitted to the destination repository. In order to use the received encrypted work, the user must contact a trusted authorizing entity (usually a remotely located software program) which verifies the user's identity and credentials, then together with system state, decrypts the session key and finally decrypts the content for use.
Commercial applications such as the secure Adobe Acrobat reader and the secure Microsoft MediaPlayer validate usage of the digital work by checking a license voucher for the appropriate user credentials and usage rights. Among the user credentials are system device identifiers such as the CPU identifier or certain device serial numbers. At the time the user invokes an operation on the digital work, the application verifies if the specified device is present. This provides assurance that the digital work has not been transmitted to an unauthorized user (actually to an unauthorized device). While the programmatic check provides a minimal level of assurance, it depends on the security of the secret, which resides on the user's device. Not only can the decryption key be violated, but also the device identifiers themselves are particularly susceptible to the threat of spoofing.
The Acrobat Reader and MediaPlayer protection schemes operate by allowing the rendering application to identify required devices on the user system as specified in the license voucher issued for the digital work. This provides a level of protection adequate in many circumstances (i.e., if the user is trusted and the user's specified rendering device is not susceptible to attack). The weakness of the schemes is that it is based on the assumption that neither the protection of the cryptographic key nor the integrity of the license voucher will be compromised.
These techniques are really more of an authentication technique than a protection technique, in that once the user's identity and credential information, system state information is verified or license voucher received, the content is decrypted to its clear state and then becomes vulnerable to attack. The digital work is afforded no protection throughout usage. Further, the user information approach is problematic in that it assumes the user will be sufficiently deterred from passing along his/her personal information. In other words, for the user information approach to succeed there must be severe consequences for users who would reveal their private identity and credential information.
A significant drawback to the schemes which tie authorization a specific device is that they require the user to divulge sensitive information (e.g., CPU number or other personal information) which raises a concern regarding privacy issues. While the user divulges the information voluntarily (the user's only option if he/she does not wish to divulge this information is not to receive the digital work) it would be desirable to provide a protection scheme that could secure a digital work on a user's device without requiring private information. It would also be desirable to provide a DRM solution which does not rely on the protection of the cryptographic key or the integrity of the license voucher. It would be desirable to provide a DRM solution which delayed decryption of the digital content to the latest possible moment.
Accordingly, it would be beneficial to provide an electronic document distribution scheme that minimizes the disadvantages of known systems. Such a scheme would prevent users from obtaining a useful form of an electronically-distributed document during the decryption and rendering processes.